b.a.t.m.a.n.lists.open-mesh.org archive mirror
 help / color / mirror / Atom feed
* [B.A.T.M.A.N.] Gateway
@ 2011-04-11 15:35 Ryan Hughes
  2011-04-11 23:03 ` Marek Lindner
  0 siblings, 1 reply; 2+ messages in thread
From: Ryan Hughes @ 2011-04-11 15:35 UTC (permalink / raw)
  To: b.a.t.m.a.n

[-- Attachment #1: Type: TEXT/PLAIN, Size: 1862 bytes --]

Okay, so I'm putting aside my concerns about running batman side-by-side 
with something else.  The WBMv3 script looks like a pretty good guide to 
that.  I'm having more basic problems right now.

I don't seem to understand how to set up the gateway.

I'm using bmx6 right now (is that on-topic for this list?  I assume the 
same things apply to batmand).

I started the node that has the gateway (node1) with:
bmxd -g 5mbit/1024kbit dev=wlan0

and the one without the gateway (node2) with:
bmxd -r 3 dev=wlan0

node2 is aware of node1's gateway, as evidenced by bmxd -c -d 2:

   Originator         bestNextHop   #         preferred gateway: 0.0.0.0
=> 10.0.1.1               10.0.1.1  94, gw_class 49 - 4MBit/1024KBit, reliability: 0, supported tunnel types 2WT, 1WT

but I am unable to ping out to the internet from node2.

Is this a firewall problem?  What should I be doing differently with the 
firewall?  I think I have node1's firewall forwarding (and 
masquerading) from the tunnel interface to my lan interface (where the 
gateway is plugged in).  batmand documentation refers to the tunnel 
interface as gate0, but bmxd calls this interface bat0.

I attached my /etc/config/firewall.

Also, here is a little snippet from iftop -i bat0 run on node1 while node2 
was trying to ping 141.1.1.1.  It shows that the pings make it as far as 
node1, but don't make it out.  That's why I'm thinking firewall.

169.254.0.0                => 169.254.0.132               896b    896b    896b
                            <=                               0b      0b      0b
169.254.0.132              => cns1.cw.net                 672b    672b    672b
                            <=                               0b      0b      0b

Is there some other step I'm supposed to do?  bridging the tunnel 
interface with my lan interface?  (I doubt it).

Thanks.
--Ryan

[-- Attachment #2: Type: TEXT/PLAIN, Size: 2312 bytes --]

config defaults
	option syn_flood	1
	option input		ACCEPT
	option output		ACCEPT 
	option forward		REJECT
# Uncomment this line to disable ipv6 rules
#	option disable_ipv6	1

config zone
	option name		lan
	option input	ACCEPT 
	option output	ACCEPT 
	option forward	ACCEPT
	option masq	1
	option mtu_fix	1
	
config zone
	option name		'mesh0'
	option input	ACCEPT
	option output	ACCEPT
	option forward  ACCEPT

config forwarding 
	option src      mesh0
	option dest     lan
	
config zone
	option name 	'bat0'
	option input	ACCEPT
	option output	ACCEPT
	option forward	ACCEPT
	
config forwarding
	option src	bat0
	option dest	lan
	
config forwarding
	option src	lan
	option dest	bat0
	
# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
config rule
	option src		lan
	option proto		udp
	option dest_port	68
	option target		ACCEPT
	option family	ipv4

#Allow ping
config rule
	option src lan
	option proto icmp
	option icmp_type echo-request
	option target ACCEPT

# include a file with users custom iptables rules
config include
	option path /etc/firewall.user


### EXAMPLE CONFIG SECTIONS
# do not allow a specific ip to access wan
#config rule
#	option src		lan
#	option src_ip	192.168.45.2
#	option dest		wan
#	option proto	tcp
#	option target	REJECT 

# block a specific mac on wan
#config rule
#	option dest		wan
#	option src_mac	00:11:22:33:44:66
#	option target	REJECT 

# block incoming ICMP traffic on a zone
#config rule
#	option src		lan
#	option proto	ICMP
#	option target	DROP

# port redirect port coming in on wan to lan
#config redirect
#	option src			wan
#	option src_dport	80
#	option dest			lan
#	option dest_ip		192.168.16.235
#	option dest_port	80 
#	option proto		tcp


### FULL CONFIG SECTIONS
#config rule
#	option src		lan
#	option src_ip	192.168.45.2
#	option src_mac	00:11:22:33:44:55
#	option src_port	80
#	option dest		wan
#	option dest_ip	194.25.2.129
#	option dest_port	120
#	option proto	tcp
#	option target	REJECT 

#config redirect
#	option src		lan
#	option src_ip	192.168.45.2
#	option src_mac	00:11:22:33:44:55
#	option src_port		1024
#	option src_dport	80
#	option dest_ip	194.25.2.129
#	option dest_port	120
#	option proto	tcp

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [B.A.T.M.A.N.] Gateway
  2011-04-11 15:35 [B.A.T.M.A.N.] Gateway Ryan Hughes
@ 2011-04-11 23:03 ` Marek Lindner
  0 siblings, 0 replies; 2+ messages in thread
From: Marek Lindner @ 2011-04-11 23:03 UTC (permalink / raw)
  To: The list for a Better Approach To Mobile Ad-hoc Networking

On Monday 11 April 2011 17:35:29 Ryan Hughes wrote:
> I don't seem to understand how to set up the gateway.
> 
> I'm using bmx6 right now (is that on-topic for this list?  I assume the 
> same things apply to batmand).


The bmx project has its own website / resources: http://www.bmx6.net
Axel (its developer) tends to not read this list.

Regards,
Marek

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-04-11 23:03 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-04-11 15:35 [B.A.T.M.A.N.] Gateway Ryan Hughes
2011-04-11 23:03 ` Marek Lindner

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).